Hcltech ≫ Bigfix Service Management

HCL BigFix Service Management (SM) is affected by a security misconfiguration vulnerability due to CSP header. This could allow attackers to inject malicious scripts increasing the risk of cross-site scripting (XSS) and potential exposure of sensiti...

HHCL BigFix Service Management (SM) is affected by a Cross‑Site Request Forgery (CSRF) vulnerability. This could lead to unauthorized changes or exposure of sensitive data.

HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption due to port 80 (HTTP) being open, allowing unencrypted access.  An attacker with access to the network traffic can sniff packets from the connection and uncover the d...

HCL BigFix Service Management is susceptible to HTTP Request Smuggling.  HTTP request smuggling vulnerabilities arise when websites route HTTP requests through web servers with inconsistent HTTP parsing. HTTP Smuggling exploits inconsistencies in req...

HCL BigFix SM is affected by cryptographic weakness due to weak or outdated encryption algorithms.  An attacker with network access could exploit this weakness to decrypt or manipulate encrypted communications under certain conditions.

HCL BigFix SM is affected by a Sensitive Information Exposure vulnerability where internal connections do not use TLS encryption which could allow an attacker unauthorized access to sensitive data transmitted between internal components.